Yi Wu
ABSTRACT
In this work, we conduct the first study to explore the potential security and privacy vulnerabilities of cordless power transfer techniques, particularly Qi wireless charging for mobile devices. We demonstrate the communication established between the charger and the charging device could be easily interfered with and eavesdropped. Specifically, through stealthily placing an adversarial coil on the wireless charger, an adversary can hijack the communication channel and inject malicious data bits which can take control of the charging process. Moreover, by simply taping two wires on the wireless charger, an adversary can eavesdrop Qi messages, which carry rich information highly correlated with the charging device's activities, from the measured primary coil voltage. We examine the extent to which this side-channel leaks private information about the smartphone's activities while being charged (e.g., detect and identify incoming calls and messages from different apps). Experimental results demonstrate the capability of an adversary to inject any desired malicious packets to take over the charging process, and the primary coil voltage side channel can leak private information of the smartphone's activities while being charged.
- ST Microelectronics. 2020. EVALSTWBC-EP: Qi MP-A15 15W wireless charger TX evaluation kit based on STWBC-EP. https://www.st.com/content/st_com/en/products/evaluation-tools/solution-evaluation-tools/psu-and-converter-solution-eval-boards/evalstwbc-ep.html. Accessed September, 2020.Google Scholar
- Dries Van Wageningen and Toine Staring. 2010. The Qi wireless power standard. In Proceedings of 14th International Power Electronics and Motion Control Conference EPE-PEMC 2010. IEEE, S15--25.Google ScholarCross Ref
Index Terms
Security and privacy in the age of cordless power world: poster abstract
Recommendations
Time to Rethink the Design of Qi Standard? Security and Privacy Vulnerability Analysis of Qi Wireless Charging
ACSAC '21: Proceedings of the 37th Annual Computer Security Applications ConferenceWith the ever-growing deployment of Qi wireless charging for mobile devices, the potential impact of its vulnerabilities is an increasing concern. In this paper, we conduct the first thorough study to explore its potential security and privacy ...
Wireless Charging Power Side-Channel Attacks
CCS '21: Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications SecurityThis paper demonstrates that today's wireless charging interface is vulnerable to power side-channel attacks; a smartphone that charges wirelessly leaks information about its activity to the wireless charger transmitter. We present a website ...
Security beyond cybersecurity: side-channel attacks against non-cyber systems and their countermeasures
AbstractSide-channels are unintended pathways within target systems that leak internal information, exploitable via side-channel attack techniques that extract the target information, compromising the system’s security and privacy. Side-channel attacks ...
Comments